<?php
include("../config.php");
include("../inc/func.php");
include("../db.php");
$debug = TRUE;
loginCheck();
if($_GET['del']) {
	global $db_prefix;
	$query = "DELETE FROM `$db_prefix"."posts` WHERE `$db_prefix"."posts`.`id` = ".$_GET['del']." LIMIT 1;";
	$result = mysql_query($query);
	header("Location: manage.php");
}
if($_GET['update']) {
	  $id = $_POST['id'];
	  $title = stripslashes($_POST['title']);
	  $author = stripslashes($_POST['author']);
	  $text = stripslashes($_POST['text']);
	  $text = nl2br($text);
	  $query = "UPDATE `$db_prefix"."posts` SET `author` = '$author', `title` = '$title', `text` = '$text' WHERE `$db_prefix"."posts`.`id` =$id LIMIT 1 ;";
	  $result = mysql_query($query);
	  ec('<meta HTTP-EQUIV="REFRESH" content="0; url=manage.php?edited=1">');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php site_title();?> Control Panel - Manage</title>
<link rel="stylesheet" href="style.css" />
<script language="javascript" type="text/javascript" src="../inc/js/tiny_mce.js"></script>
<script language="javascript" type="text/javascript">
	tinyMCE.init({
		mode : "textareas",
		theme : "advanced",
		editor_selector : "wys",
		theme_advanced_resize_horizontal : false,
		theme_advanced_resizing : true,
		theme_advanced_toolbar_location : "top",
		theme_advanced_toolbar_align : "left",
	});
</script>
</head>
<body>
<div id="wrap">
  <div id="head">
    <div id="title"><?php site_title(); ?><div class="gotosite"> <a href="../">Go to your site &raquo;</a></div></div>
  </div>
  <div id="nav">
    <ul>
      <li><a href="index.php">Main</a></li>
      <li><a href="post.php">Post</a></li>
      <li class="current"><a href="manage.php">Manage</a></li>
      <li><a href="theme.php">Themes</a></li>
      <li><a href="options.php">Options</a></li>
    </ul>
  </div>
  <div id="content">
  <?php
  if(isset($_GET['id'])) {
  $query2  = "SELECT * FROM $db_prefix"."posts WHERE `id` =".$_GET['id'].";";
  $result2 = mysql_query($query2);
  while($row2 = mysql_fetch_row($result2)) {
  $id = $row2[0];
  $type = $row2[4];
  }
  if($type = "text") {editform("text");}
  elseif($type = "link") {editform("link");}
  elseif($type = "image") {editform("image");}
  elseif($type = "quote") {editform("quote");}
  ?>
  <div class="deleteme"><a href="edit.php?del=<?php ec($id);?>">DELETE</a></div>
  <?php } ?>
  </div>
  <div id="footer"><?php LIversion(); ?></div>
</div>
</body>
</html>
